Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
File: XTTdv33KsQy_aCKXkh61gS2QUHE.mft (raw, json)
Hash identifier: gnf5dDOecx2Epry3owrwEeQOU1tivYpt/ddzyXCKa5k=
Subject key identifier: F6:A2:5F:CC:B6:A3:DA:7C:69:F3:18:95:AA:51:65:9B:98:ED:0E:17
Authority key identifier: 5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
Certificate issuer: /CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Certificate serial: 019A71B81FA35B3FBA7A2BA4805AA60A48A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
Manifest number: 061D
Signing time: Tue 11 Nov 2025 07:01:23 +0000
Manifest this update: Tue 11 Nov 2025 07:01:23 +0000
Manifest next update: Wed 12 Nov 2025 07:01:23 +0000
Files and hashes: 1: S6aYdrXE8VeCcP5w8D7hhhcOGoc.roa (hash: csN/l/mC6C7LyFwDFQUEKU3wX0HgZWqjImlEztzBO3Q=)
2: XTTdv33KsQy_aCKXkh61gS2QUHE.crl (hash: yu2fqp1/E2nly1BBWbE9GI1fVVlO7PufleeW9AGNTsg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:1f:a3:5b:3f:ba:7a:2b:a4:80:5a:a6:0a:48:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Validity
Not Before: Nov 11 07:01:23 2025 GMT
Not After : Nov 12 07:01:23 2025 GMT
Subject: CN=f6a25fccb6a3da7c69f31895aa51659b98ed0e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ca:07:42:0d:c5:16:ed:69:17:5c:a4:10:03:
16:02:7a:ac:ab:8c:3d:74:07:a6:27:82:5c:bc:c8:
1a:b1:57:35:7a:2b:6d:70:bd:f9:4e:fd:9e:b6:ce:
66:9d:9d:d5:d3:00:43:64:9e:59:fd:80:0f:a3:3f:
d8:10:fe:43:1d:ac:81:66:dd:97:95:76:e1:41:bf:
6c:8e:e7:72:40:f2:8c:31:2d:51:9b:9c:95:a8:05:
c3:29:79:5d:35:df:97:5a:5a:76:dd:3c:da:a1:d8:
55:cd:d4:b5:c8:fd:96:67:2c:ef:46:1c:3c:65:e6:
3c:36:f6:a3:06:bb:20:75:ab:25:f6:b0:2e:9f:a6:
36:a7:97:b3:1c:0a:4a:d0:4d:f0:df:92:1a:4d:4b:
57:47:2f:a0:94:fb:f3:93:76:b5:be:10:97:b6:f7:
2c:95:b8:62:1f:a9:eb:41:77:23:c0:73:1c:36:1b:
24:fc:6a:25:13:93:a8:db:95:a0:d5:56:8b:05:b5:
3c:09:b1:12:2a:ab:39:8a:de:06:5c:e8:b5:e2:e7:
c4:dc:2f:c4:d7:bc:a7:70:be:8d:fd:c2:6b:0f:24:
32:9b:d8:23:c9:33:9d:c4:19:c9:15:33:87:a0:cc:
1d:02:d8:1d:85:b5:2c:60:5d:81:2d:fe:a4:fd:29:
f0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A2:5F:CC:B6:A3:DA:7C:69:F3:18:95:AA:51:65:9B:98:ED:0E:17
X509v3 Authority Key Identifier:
keyid:5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:44:ef:4f:e5:b2:5b:8e:6c:43:c6:bb:10:e5:77:a3:e7:1f:
4a:a7:eb:f5:10:13:f3:82:59:15:2e:99:9f:6f:19:52:db:be:
78:6d:63:29:8e:44:a5:0a:24:a8:0f:6f:45:c1:31:05:5f:93:
6a:33:ce:2d:52:63:ee:87:27:f4:5b:4d:95:91:aa:fb:8b:e3:
d7:e0:43:f8:69:f5:05:4f:98:24:fe:4b:7a:01:b6:93:fe:13:
6b:a7:b0:82:da:03:79:14:43:fd:27:f0:56:ab:f6:7b:7a:69:
c7:48:e1:8d:79:82:70:bf:b7:53:06:a8:2e:7e:69:51:95:04:
b2:ef:5f:ba:48:86:b9:ef:fe:f3:13:3c:19:4f:c2:e1:a6:2d:
b1:d5:f2:59:79:b7:c7:61:5c:3b:e3:f1:b7:2c:2d:1f:39:cc:
0f:03:f8:95:ec:70:1c:82:8e:e2:22:00:0b:4d:f4:17:5c:44:
f5:f4:ae:60:9b:b9:ae:17:c8:9c:28:04:1d:3a:b1:e5:46:e4:
cb:05:5c:7d:e5:47:6f:3c:29:69:73:38:09:16:ea:06:78:58:
4b:90:c8:ed:9d:9d:aa:b1:8d:60:79:fa:61:a1:aa:fe:b2:79:
22:04:ec:b2:8d:7e:4f:59:24:b4:05:4b:14:67:b6:e4:d2:55:
5e:df:9e:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuB+jWz+6eiukgFqmCkinMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzRkZGJmN2RjYWIxMGNiZjY4MjI5NzkyMWViNTgxMmQ5
MDUwNzEwHhcNMjUxMTExMDcwMTIzWhcNMjUxMTEyMDcwMTIzWjAzMTEwLwYDVQQD
EyhmNmEyNWZjY2I2YTNkYTdjNjlmMzE4OTVhYTUxNjU5Yjk4ZWQwZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcoHQg3FFu1pF1ykEAMWAnqsq4w9
dAemJ4JcvMgasVc1eittcL35Tv2ets5mnZ3V0wBDZJ5Z/YAPoz/YEP5DHayBZt2X
lXbhQb9sjudyQPKMMS1Rm5yVqAXDKXldNd+XWlp23TzaodhVzdS1yP2WZyzvRhw8
ZeY8NvajBrsgdasl9rAun6Y2p5ezHApK0E3w35IaTUtXRy+glPvzk3a1vhCXtvcs
lbhiH6nrQXcjwHMcNhsk/GolE5Oo25Wg1VaLBbU8CbESKqs5it4GXOi14ufE3C/E
17yncL6N/cJrDyQym9gjyTOdxBnJFTOHoMwdAtgdhbUsYF2BLf6k/Snw8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPaiX8y2o9p8afMYlapRZZuY7Q4XMB8GA1UdIwQY
MBaAFF003b99yrEMv2gil5IetYEtkFBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQt
NWNlZTZkNWYxYTEyLzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQtNWNlZTZkNWYxYTEy
LzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaUTvT+Wy
W45sQ8a7EOV3o+cfSqfr9RAT84JZFS6Zn28ZUtu+eG1jKY5EpQokqA9vRcExBV+T
ajPOLVJj7ocn9FtNlZGq+4vj1+BD+Gn1BU+YJP5LegG2k/4Ta6ewgtoDeRRD/Sfw
Vqv2e3ppx0jhjXmCcL+3UwaoLn5pUZUEsu9fukiGue/+8xM8GU/C4aYtsdXyWXm3
x2FcO+PxtywtHznMDwP4lexwHIKO4iIAC030F1xE9fSuYJu5rhfInCgEHTqx5Ubk
ywVcfeVHbzwpaXM4CRbqBnhYS5DI7Z2dqrGNYHn6YaGq/rJ5IgTsso1+T1kktAVL
FGe25NJVXt+e2g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:13 2025 by rpki-client